Commit Graph

32 Commits

Author SHA1 Message Date
Azareal
f502bf4f53 subresource integrity 2020-07-31 15:33:29 +10:00
Azareal
43d72e6f3b wip allow for more cdns
add res template function
add ExtraCSPOrigins config setting
add StaticResBase config setting
skip flush directives
2020-07-30 18:10:29 +10:00
Azareal
ed64b8f29b eliminate allocs for getting static resources
optimise two char emoticons
add 30 parser tests
2020-07-26 14:36:40 +10:00
Azareal
faf215f388 try speeding up static files with brotli
track ref routes for a bit to debug them
hit more bots with MicroNotFound
2020-04-13 13:28:52 +10:00
Azareal
5fe0c8c95b add BuildWidget2 to avoid allocing as many strings in templates for docks
dynamic load /topics/ page where possible
reduce boilerplate
2020-04-12 15:00:15 +10:00
Azareal
e2293b3495 rudimentary css minification
eliminate carriage returns in scripts
2020-04-03 15:53:15 +10:00
Azareal
d3b2721746 optimise attach exts
optimise PrepResources
2020-03-28 09:10:54 +10:00
Azareal
a3d6f1c844 minify interpreted templates
save bytes in init.js
2020-03-23 11:18:10 +10:00
Azareal
aa32bd335c try to avoid as many upfront gzip allocs to avoid wasting resources when they're not needed
avoid gzip for guests on routeAPI
2020-03-12 16:52:26 +10:00
Azareal
61688a0c6d improve efficiency for small static files 2020-03-12 13:00:04 +10:00
Azareal
83a2659b1c this too x.x 2020-03-07 07:55:26 +10:00
Azareal
363826624f Reduce bandwidth usage for client templates.
Add js and ptmpl (stub) template functions.
Simple constant folding for true / false values in templates.
Use empty string instead of 0 for poll vote ips when DisablePollIP is enabled.

Shorten some things.
2020-02-19 09:04:14 +10:00
Azareal
45a3065db1 Use json marshal for the group permissions in querygen.
Add an omitempty json tag to the Perms struct.
Take the opportunity to shorten some things.
2019-10-06 15:32:08 +10:00
Azareal
78c5c62eee Basic group promotions.
Add the users_groups_promotions table.
Optimise ConvoViewPage.

Shortened some things.
Convo CSS fixes.
Make sure the user cache is flushed properly after the post stats change.

You will need to run the patcher / updater for this commit.
2019-09-29 14:56:39 +10:00
Azareal
4d8c97812d More conversations work.
Add support for AS in columns for SimpleInnerJoin.
Add a referrer policy to improve privacy a little.
Shorten /static/ to /s/ since it comes up so much.
Remove some obsolete code.
Shorten some variable names.
Reduce the amount of boilerplate in the patcher.

Added the RefNoTrack and RefNoRef privacy config settings.

You may need to run the updater / patcher for this commit.
2019-08-14 20:39:04 +10:00
Azareal
91f12e26a4 Don't forget this bit.
Updates #59
2019-07-23 20:41:34 +10:00
Azareal
05c2ac3ce4 Add the disk and database sections to the debug page.
Add the ActivityStream interface to abstract Get, Add and Count.
Rename the GlobalCount methods to Count for simplicity.
Simplify the variable names in the Count methods.
Rename the GlobalCount method to Count and rename the original Count method to CountUser in LoginLogStore.
Add a float64 case for bunit, sort of.
Theme.RunTmpl now returns ErrBadDefaultTemplate instead of panicking when an interpreted template doesn't exist.
Widget.Allowed now checks the zoneid.
Fire the alert off in the background in AddActivityAndNotifyTarget instead of blocking the request.
Use ErrBadDefaultTemplate instead of calling DefaultTemplates.Lookup directly for custom pages.
Split the page struct for the debug page into multiple structs to make things more organised.

Add the Count method to ProfileReplyStore.
Add the Count method to ReplyStore.
Add the DirSize utility function.

Add a few ActivityStream tests.

Secret gallery stuff.
2019-06-01 22:31:48 +10:00
Azareal
e50366ce60 Hyperdrive should handle Gzip properly now...
Fixed a potential bug where Hyperdrive might cache already cached content.
Skip jumpHdrive if requested via JavaScript for now.

Export CompressBytesGzip so Hyperdrive can use it.
2019-04-27 20:22:39 +10:00
Azareal
c84b0aa433 Avoid concatenating the style / script names with the hashes in AddScript, AddPreScriptAsync, AddScriptAsync and AddSheet to reduce the number of allocations.
Use a string builder for building Link Headers.
2019-04-19 20:39:17 +10:00
Azareal
660f24acff Experimenting with Nox's Control Panel.
Experimenting with better cache busting for static resources.
HTTPSRedirect requests are now counted in the route analytics.
More scripts are loaded asynchronously now.
Upped the default ReadTimeout to eight seconds.
Reduce the number of unneccesary NewAcc calls.
Added panel_before_head as an injection point for themes.
Themes can now declare scripts to be loaded asynchronously.
Tweaked the WS resumption algorithm to mae the backoffs a little less aggressive.
Fixed an ordering issue in the WS resumption algorithm where backoffs weren't expiring as fast as they should have.
Fixed a bug where template logs weren't being written due to a panic.
You can now use byte slices in more places in the transpiled templates.
Fixed a bug where Cosora's misc.js seemed to be erroring out.
Fixed a bug where YT embeds were getting blocked by the CSP.

Added the panel_back_to_site phrase.
Added the panel_welcome phrase.
2019-03-22 08:59:41 +10:00
Azareal
e22ddfec40 Added support for password resets.
Sha256 hashes are now stored in the SFile structures, this will come of use later.
Rows should be properly closed in DefaultTopicStore.BulkGetMap.
All errors should be properly reported now in DefaultTopicStore.BulkGetMap.
Rows should be properly closed in DefaultUserStore.BulkGetMap.
All errors should be properly reported now in DefaultUserStore.BulkGetMap.
Don't have an account on the login page should now be linkified.
Renamed tempra-simple to tempra_simple to avoid breaking the template transpiler.
Fixed up bits and pieces of login.html on every theme.
Removed an old commented code chunk from template_init.go
widget_wol widgets should now get minified.
bindToAlerts() should now unbind the alert items before attempting to bind to them.
Tweaked the SendValidationEmail phrase.
Removed a layer of indentation from DefaultAuth.ValidateMFAToken and added the ErrNoMFAToken error for when MFA isn't setup on the specified account.
Email validation now uses a constant time compare to mitigate certain classes of timing attacks.

Added the /accounts/password-reset/ route.
Added the /accounts/password-reset/submit/ route.
Added the /accounts/password-reset/token/ route.
Added the /accounts/password-reset/token/submit/ route.
Added the password_resets table.

Added the password_reset_email_fail phrase.
Added the password_reset phrase.
Added the password_reset_token phrase.
Added the password_reset_email_sent phrase.
Added the password_reset_token_token_verified phrase.
Added the login_forgot_password phrase.
Added the password_reset_head phrase.
Added the password_reset_username phrase.
Added the password_reset_button phrase.
Added the password_reset_subject phrase.
Added the password_reset_body phrase.
Added the password_reset_token_head phrase.
Added the password_reset_token_password phrase.
Added the password_reset_token_confirm_password phrase.
Added the password_reset_mfa_token phrase.
Added the password_reset_token_button phrase.

You will need to run the updater or patcher for this commit.
2019-03-11 18:47:45 +10:00
Azareal
cc1d0f089a Client templates can now be overriden like every other template.
The client templates load earlier now for a smoother user experience.
Added a setting for setting a Google Site Verification meta tag without editing header.html
Added support for favicons. /static/favicon.ico will be mapped to favicon.ico, if it exists.
The parent forum is now visible on the topics list for Nox.

Language headers which contain the wildcard character are no longer considered unknowns.
Meta descriptions and open graph descriptions are no longer emitted for logged in users.
Slimmed down topics_topic slightly for Nox.
Pre-parsed widgets are now minified.
Stale WebSockets connections should be cleaned up far quicker now.
Template generation is now logged separately.
Commented out some obsolete template logic.
Marked a few template generator fields as unexported.

Fixed the styling for the ban page in the profile for Nox.
Fixed the styling for colline for Cosora and Tempra Simple.
Fixed the sidebar overflowing outside of the box on Nox.
Fixed the meta description text overflowing the box in the Setting Manager on Nox.
Fixed excessive padding in the Page Manager.
Fixed a few missing border on the profiles for Tempra Simple.
Fixed the sidebar appearing in places it shouldn't on Tempra Simple.
Fixed the status code emitted by NotFoundJS
Fixed a bug where Gosora kept falling back to interpreted templates.
Fixed a bug where WebSockets connections weren't getting closed properly if the user cache overflowed.
Fixed a bug where WebSocket connections weren't getting initialised for guests.
Fixed a bug where template overrides weren't always getting applied.
Fixed a bug where root template overrides weren't always getting applied.

Added the google_site_verify setting.
Added the google_site_verify phrase.

You will need to run the patcher or updater for this commit.
2019-02-28 17:28:17 +10:00
Azareal
d9acf27c5b The Search and Filter Widget is now partly implemented. Just Search to go in the basic implementation.
Added AJAX Pagination for the Topic List and Forum Page.
A new log file pair is now created every-time Gosora starts up.
Added proper per-theme template overrides.

Added EasyJSON to make JSON serialisation faster.
Moved a bit of boilerplate into paginator.html
Improved paginator.html with a richer template with first, last and symbols instead of text.
Phased out direct access to Templates.ExecuteTemplate across the software.
Fixed the Live Topic List so it should work again.
Added MicroAvatar to WsJSONUser for topic list JSON requests.
An instance of the plugin is now passed to plugin handlers rather than having the plugins manipulate the globals directly.
Added the pre_render_panel_forum_edit and pre_render_panel_forum_edit_perms hooks to replace pre_render_panel_edit_forum.
Renamed the pre_render_panel_edit_user hook to pre_render_panel_user_edit
Reduced the amount of noise from fsnotify.
Added RawPrepare() to qgen.Accumulator.
Added a temporary phrase whitelist to the phrase endpoint.
Moved the location of the zone data assignments in the topic list to reduce the chances of security issues in the future.
Changed the signature of routes/panel/renderTemplate() requiring some changes across the panel routes.
Removed bits of boilerplate in some of the panel routes with renderTemplate()
Added a BenchmarkTopicsGuestJSRouteParallelWithRouter benchmark.
Removed a fair bit of boilerplate for each page struct by generating a couple of interface casts for each template file instead.
Added the profile_comments_row_alt template.
Added the topics_quick_topic template to reuse part of the quick topic logic for both the topic list and forum page.
Tweaked the CSS for the Online Users Widget.
Tweaked the CSS for Widgets in every theme with a sidebar.
Refactored the template initialisers to hopefully reduce the amount of boilerplate and make things easier to maintain and follow.
Add genIntTmpl in the template initialiser file to reduce the amount of boilerplate needed for the fallback template bindings.

Removed the topics_head phrase.
Moved the paginator_ phrases into the paginator. namespace and renamed them accordingly.
Added the paginator.first_page phrase.
Added the paginator.first_page_aria phrase.
Added the paginator.last_page phrase.
Added the paginator.last_page_aria phrase.
Added the panel_forum_delete_are_you_sure phrase.

Fixed a data race in LogWarning()
2019-02-10 15:52:26 +10:00
Azareal
543ad8a018 Added the login log.
Added a better paginator for view topic.
The last post on the topic list and forum pages now link to the last page of a topic for quicker navigation.
The Account Manager now utilises dyntmpl in more areas.
More tooltips.
Tweaked the colour for the validated emails in the Email Manager so it looks nicer on dark themes.
Moved some inline styles from the Email Manager into the stylesheets and removed obsolete ones.
Added the mixed BenchmarkTopicGuestAdminRouteParallelWithRouter benchmark.
The bad route benchmark should no longer abort when erroring, something which doesn't make sense as it's always expected to error.
Reduce a bit more boilerplate with renderTemplate()
Added the *CTemplateSet.addText method and used it to optimise the generated templates a tiny bit more.
The forums route now has guest and member variants generated for it.
Turned the experimental template optimisation back on for more data.

Added the routes.AccountLogins route.

Added the account_logins phrase.
Added the account_menu_logins phrase.
Added the account_logins_head phrase.
Added the account_logins_success phrase.
Added the account_logins_failure phrase.

You need to run the patcher / updater for this commit.
2018-12-17 14:58:55 +10:00
Azareal
bdf7fa40d5 Improved the datetimes on the log pages.
Added an experimental template fragment optimisation.
The template generator can handle time.Time
The forum and profile templates now have guest and member variants generated for them.
Interpreted templates are no longer loaded, if there's a generated version of it.

Added absolute time on hover to the topic, topics, forum, and forums templates.
We now use lang instead of index in the stylesheets for phrases.
Renamed the .trash_label CSS class to .delete_label
Use the new toArr and concat template functions to reduce the amount of boilerplate in the theme stylesheets.
Removed bits of redundant code here and there in the stylesheets.
Added a .CurrentUser.Loggedin to profiles to make them slightly faster.
Shortened some themeStmt names.
Moved GzipResponseWriter, theme.RunTmpl and theme.GetTmpl from theme_list.go to theme.go
The fallback theme now falls back onto the last theme loaded, if the fallback theme doesn't exist.
Added the abstime template function for formatting absolute times a little more nicely.

Began work on the login logs.

Removed the alerts_no_new_alerts phrase.
Renamed the forums_topics_suffix phrase to forums.topics_suffix.
2018-12-14 14:08:53 +10:00
Azareal
a20078d83b Revamped the IP Search Page for Nox.
Revamped the Word Filter Manager for Nox.
Revamped the Setting Manager for Nox and Cosora.
Upped the number of items in the User Manager.
Upped the number of items in the Group Manager.
Upped the number of items in the Page Manager.
Swap a fmt.Println for a DebugLog in hold.ScanItem.
EQCSS.js should ignore panel.css in Cosora now.
Added the lang template function for stylesheet templates to reduce the amount of boilerplate.
Localised a couple of spots in the Nox Theme which got overlooked.
Tweaked the grid CSS for Nox.
The Control Panel Dashboard items now change colour in Nox like in the other themes.
Use Site.Host instead of req.Host for www redirects for security reasons.
Removed a superfluous function call in WriterIntercept.WriteHeader.
Tweaked several bits and pieces of CSS like the padding on a few items in the Forum Editor.

Added the topic_list.moderate phrase.
Added the panel_word_filters_to phrase.
2018-12-06 21:09:10 +10:00
Azareal
76cfcb509b Moved the phrase logic to the phrases package.
Removed some initialisation boilerplate from the test code.
De-duplicated some of the common portions of the benchmarks.
Added miscinit to reduce the amount of initialisation boilerplate in the tests and to better catch initialisation errors.
Added a profile benchmark.
2018-11-01 16:43:56 +10:00
Azareal
b2e97e47c1 Moved the last control panel theme manager route into /routes/panel/
Added the UpdateDefaultTheme function.

Renamed panelRenderTemplate to renderTemplate.
Renamed panelSuccessRedirect to successRedirect.
Reduced the amount of boilerplate in panel.GroupsEdit with renderTemplate.
Renamed the pre_render_panel_edit_group hook to pre_render_panel_group_edit.
Reduced the amount of boilerplate in panel.GroupsEditPerms with renderTemplate.
Renamed the pre_render_panel_edit_group_perms hook to pre_render_panel_group_edit_perms.

Fixed a bug where the active status for themes didn't get loaded at start-up.
Fixed a theoretical deadlock in NewThemeList.
Updated CONTRIBUTING.md
2018-10-02 14:09:17 +10:00
Azareal
7b8943517b Upped the compression level for static files.
Experimenting with compressing everything.
Fixed the live things.

Playing around with topic buttons in Nox.
2018-08-21 18:00:35 +10:00
Azareal
f8f46b3c48 Added support for two-factor authentication.
Added the Account Dashboard and merged a few account views into it.
BREAKING CHANGE: We now use config/config.json instead of config/config.go, be sure to setup one of these files, you can config_default.json as an example of what a config.json should look like. If you don't have an existing installation, you can just rely on the installer to do this for you.

CSS Changes (does not include Nox Theme):
Sidebar should no longer show up in the account manager in some odd situations or themes.
Made a few CSS rules more generic.
Forms have a new look in Cosora now.

Config Changes:
Removed the DefaultRoute config field.
Added the DefaultPath config field.
Added the MaxRequestSizeStr config field to make it easier for users to input custom max request sizes without having to use a calculator or figure out how many bytes there are in a megabyte.
Removed the CacheTopicUser config field.
Added the UserCache config field.
Added the TopicCache config field

Phrases:
Removed ten english phrases.
Added 21 english phrases.
Changed eleven english phrases.
Removed some duplicate indices in the english phrase pack.

Removed some old benchmark code.
Tweaked some things to make the linter happy.
Added comments for all the MemoryUserCache and MemoryTopicCache methods.
Added a comment for the null caches, consult the other caches for further information on the methods.
Added a client-side check to make sure the user doesn't upload too much data in a single post. The server already did this, but it might be a while before feedback arrives from it.
Simplified a lot of the control panel route code with the buildBasePage function.
Renamed /user/edit/critical/ to /user/edit/password/
Renamed /user/edit/critical/submit/ to /user/edit/password/submit/
Made some small improvements to SEO with a couple of meta tags.
Renamed some of the control panel templates so that they use _ instead of -.
Fixed a bug where notices were being moved to the wrong place in some areas in Cosora.
Added the writeJsonError function to help abstract writing json errors.
Moved routePanelUsers to panel.Users
Moved routePanelUsersEdit to panel.UsersEdit
Moved routePanelUsersEditSubmit to panel.UsersEditSubmit
Renamed routes.AccountEditCritical to routes.AccountEditPassword
Renamed routes.AccountEditCriticalSubmit to routes.AccountEditPasswordSubmit
Removed the routes.AccountEditAvatar and routes.AccountEditUsername routes.
Fixed a data race in MemoryTopicCache.Add which could lead to the capacity limit being bypassed.
Tweaked MemoryTopicCache.AddUnsafe under the assumption that it's not going to be safe anyway, but we might as-well try in case this call is properly synchronised.
Fixed a data race in MemoryTopicCache.Remove which could lead to the length counter being decremented twice.
Tweaked the behaviour of MemoryTopicCache.RemoveUnsafe to mirror that of Remove.
Fixed a data race in MemoryUserCache.Add which could lead to the capacity limit being bypassed.
User can no longer change their usernames to blank.

Made a lot of progress on the Nox theme.
Added modified FA5 SVGs as a dependency for Nox.
Be sure to run the patcher or update script and don't forget to create a customised config/config.json file.
2018-06-17 17:28:18 +10:00
Azareal
a5f5f4af7e Added the Page Manager for faster and easier custom page creation.
Added the PageStore.

Renamed account_own_edit.html to account_own_edit_password.html
Renamed custom-page.html to custom_page.html
Renamed the pre_render_custom_page hook to pre_render_tmpl_page.
Added a new pre_render_custom_page hook, not to be confused with the previous one.
Renamed the pre_render_account_own_edit_critical hook to pre_render_account_own_edit_password.
Moved the report forum ID into a constant.
Renamed todaysReportCount to topicsTopicCountByForum and made it more generic.
Renamed panel-menu.html to panel_menu.html
Renamed panel-inner-menu.html to panel_inner_menu.html
Removed an irrelevant editable_parent in a no results row.
Fixed the profile page loading the wrong profile.css
Fixed a bug where the last poster avatar would break on the forum page.
Added the AddNotice method to *Header.
Greatly simplified many of the page struct definitions.
Added the ErrorPage page struct and refactored the error pages to use it.
Added the BasePanelPage page struct and refactored the panel page structs to use it.
Tweaked the DefaultHeader function to set the user on the spot rather than after the fact.
Simplified AccountEditAvatarSubmit into a redirect.
Add the addElement closure in the control panel dashboard to reduce the amount of complexity.
Tweaked LogWarning to better handle nils.

Added the account_username phrase.
Added the account_avatar phrase.
Added the account_email phrase.
Added the panel_pages phrase.
Added the panel_pages_edit phrase.
Added the panel_page_created phrase.
Added the panel_page_updated phrase.
Added the panel_page_deleted phrase.
Added the account_menu_security phrase.
Added the panel_menu_pages phrase.
Added the panel_pages_head phrase.
Added the panel_pages_edit_button_aria phrase.
Added the panel_pages_delete_button_aria phrase.
Added the panel_pages_no_pages phrase.
Added the panel_pages_create_head phrase.
Added the panel_pages_create_name phrase.
Added the panel_pages_create_name_placeholder phrase.
Added the panel_pages_create_title phrase.
Added the panel_pages_create_title_placeholder phrase.
Added the panel_pages_create_body_placeholder phrase.
Added the panel_pages_create_submit_button phrase.
Added the panel_pages_edit_head phrase.
Added the panel_pages_name phrase.
Added the panel_pages_title phrase.
Added the panel_pages_edit_update_button phrase.

Began work on two-factor authentication.
Made more progress with the Nox Theme.
2018-06-06 10:21:22 +10:00
Azareal
23a686fe96 UNSTABLE: Began work on the Nox Theme.
Removed the Tempra Cursive Theme.
You can now do bulk moderation actions with Shadow.

Added:
Argon2 as a dependency.
The EmailStore.
The ReportStore.
The Copy method to *Setting.
The AddColumn method to the query builder and adapters.
The textarea setting type.
More logging to better debug issues.
The GetOffset method to the UserStore.

Removed:
Sortable from Code Climate's Analysis.
MemberCheck and memberCheck as they're obsolete now.
The obsolete url_tags setting.
The BcryptGeneratePasswordNoSalt function.
Some redundant fields from some of the page structs.

Revamped:
The Control Panel Setting List and Editor.

Refactored:
The password hashing logic to make it more amenable to multiple hashing algorithms.
The email portion of the Account Manager.
The Control Panel User List.
The report system.
simplePanelUserCheck and simpleUserCheck to remove the duplicated logic as the two do the exact same thing.

Fixed:
Missing slugs in the profile links in the User Manager.
A few template initialisers potentially reducing the number of odd template edge cases.
Some problems with the footer.
Custom selection colour not applying to images on Shadow.
The avatars of the bottom row of the topic list on Conflux leaking out.

Other:
Moved the startTime variable into package common and exported it.
Moved the password hashing logic from user.go to auth.go
Split common/themes.go into common/theme.go and common/theme_list.go
Replaced the SettingLabels phrase category with the more generic SettingPhrases category.
Moved a load of routes, including panel ones into the routes and panel packages.
Hid the notifications link from the Account Menu.
Moved more inline CSS into the CSS files and made things a little more flexible here and there.
Continued work on PgSQL, still a ways away.
Guests now have a default avatar like everyone else.
Tweaked some of the font sizes on Cosora to make the text look a little nicer.
Partially implemented the theme dock override logic.
Partially implemented a "symlink" like feature for theme directories.
... And a bunch of other things I might have missed.

You will need to run this update script / patcher for this commit.
Warning: This is an "unstable commit", therefore some things may be a little less stable than I'd like. For instance, the Shadow Theme is a little broken in this commit.
2018-05-27 19:36:35 +10:00